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1 This action is in response to the communication filed on 9/27/2005. 

2 DETAILED ACTION 

3 Response to Arguments 

4 Applicant's arguments filed 9/27/2005 have been fully considered but they are not 

5 persuasive. Applicant argues primarily that: 

6 i. Glover decrypts a separate portion of the file and not the device driver. 

7 ii. Glover did not disclose an initialization process or a release process. 

8 Regarding applicant's argument i. that Glover decrypts a separate portion of the file and 



9 not the device driver, the examiner does not find the argument persuasive. Glover clearly 

10 disclosed in Col. 9 Lines 25-33 that the virtual device driver decrypts the "hidden information" 

1 1 and Col. 9 Lines 33-35 clearly disclosed that the "hidden information" could be a device driver. 

12 Therefore, Glover did in fact disclosed decrypting a device driver. Therefore the examiner does 

1 3 not find the argument persuasive. 

14 Regarding applicant's argument ii. that Glover did not disclose an initialization process 

15 or a release process, the examiner does not find the argument persuasive. Glover disclosed an 

16 decrypting the hidden information prior to executing the hidden information in Col. 9 Lines 25- 

17 35, which is equivalent to the initialization operation of the claim which requires the device 

18 driver to be decrypted. Further, Glover disclosed that after execution the decrypted information 

19 was re-encrypted in Col. 22 Lines 32-36 and that after execution the data was removed from 

20 memory in Col. 10 Lines 45-47, which is equivalent to the release process as claimed and 

21 therefore meets the limitations of the claim. Therefore, the examiner does not find the argument 

22 persuasive. 
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1 All objections and rejections not set forth below have been withdrawn. 

2 Claims 1-14 have been examined. 

3 Title 

4 The title, as amended, is acceptable for prosecution. 

5 Drawings 

6 The drawings were received on 9/27/2005. These drawings are now acceptable. 

7 Specification 

8 The abstract of the disclosure as amended is acceptable. 

9 Claim Objections 

10 Claims 3 and 14 are objected to because of the following informalities: Claim 3 recites 

1 1 "secondarily re-encrypting the re-enrypted" which is misspelled. Appropriate correction is 

12 required. 

1 3 Claim Rejections - 35 (JSC § 1 02 

14 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 

15 basis for the rejections under this section made in this Office action: 

1 6 A person shall be entitled to a patent unless - 

17 (b) the invention was patented or described in a printed publication in this or a foreign 

1 8 country or in public use or on sale in this country, more than one year prior to the date of 

1 9 application for patent in the United States, 
20 

21 Claims 1-2, and 4-5 are rejected under 35 U.S.C. 102(b) as being anticipated by Glover 

22 (US Patent Number 6,052,780). 

23 Regarding claim 1, Glover disclosed a method for operating a device driver (See Glover 

24 Abstract and Col. 9 Lines 7-9), comprising the steps of: providing a device driver comprising an 
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1 encrypted program code portion of a main process thereof (See Glover Col. 9 Lines 25-35 hidden 

2 information); decrypting the encrypted program code portion in an initialization process of said 

3 device driver (See Glover Col. 9 Lines 25-35); executing the decrypted program code portion 

4 (See Glover Col. 1 1 Lines 3-5) and re-encrypting the executed decrypted program code portion 

5 in an end process of the device driver, in which said device driver is released (See Glover Col. 10 

6 Lines 45-47 and Col. 22 Lines 32-36). 

7 Claim 2 is rejected for the same reasons as claim 1 above and further because Glover 

8 disclosed initializing the device driver (hidden information) before decrypting the portions of 

9 code (See Glover Col. 9 Lines 16-19 and Col. 10 Lines 19-27). 

10 Regarding claims 4-5, Glover disclosed extracting a numeric value from an application; 

1 1 and a creating key, corresponding to the numeric value, for decrypting and re-encrypting the 

12 program code portion in said decrypting and re-encrypting of the program code portion steps 

13 (See Glover Col. 21 Lines 32-38). 

14 Claim Rejections - 35 USC § 103 

15 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

16 obviousness rejections set forth in this Office action: 

1 7 A patent may not be obtained though the invention is not identically disclosed or 

1 8 described as set forth in section 102 of this title, if the differences between the subject matter 

1 9 sought to he patented and the prior art are such that the subject matter as a whole would have 

20 been obvious at the time the invention was made to a person having ordinary skill in the art to 

2 1 which said subject matter pertains. Patentability shall not be negatived by the manner in which 

22 the invention was made. 



23 



24 



Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Glover, and further 



25 



in view of Schneier ("Applied Cryptography, Second Edition"). 
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1 Glover disclosed encrypting a program code portion, decrypting the program code 

2 portion, executing the decrypted program code portion, and re-encrypting the program code 

3 portion after processing was complete (See the rejection of claim 1 above and Col. 9 Lines 22-24 

4 and Lines 33-35), but failed to disclose encrypting and decrypting with two different keys. 

5 Schneier teaches that double encryption using two different keys provides two times the 

6 security of single encryption (See Schneier Section 15.1). 

7 It would have been obvious to the ordinary person skilled in the art at the time of 



8 invention to employ the teachings of Schneier in the encryption, decryption, re-encryption 

9 system of Glover, by encrypting the portion of code with one key and encrypting the result with 
10 a second key and decrypting in a reverse manner. This would have been obvious because the 



1 1 ordinary person skilled in the art at the time of invention would have been motivated to increase 

1 2 the security of the encrypted program. 

13 Claims 6-1 1 rejected under 35 U.S.C. 103(a) as being unpatentable over Glover as 

14 applied to claims 1-2 above, and further in view of McManis (US Patent Number 5.757.914). 

15 Regarding claims 6-7, Glover disclosed the device driver communicating with an 

16 application (See Glover Col. 10 Lines 34-47), but failed to disclose authentication between the 

17 two. 

18 McManis teaches a method for protecting two communicating applications in which 

19 before process A calls process B, A authenticates B by verifying the integrity of B, and before B 

20 responds to A, B verifies the integrity of A, and in both cases if the verification fails execution is 

21 aborted (See McManis Col. 3 Line 53- Col. 6 Line 9). 
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1 It would have been obvious to the ordinary person skilled in the art at the time of 

2 invention to employ the teachings of McManis in the dynamically loaded device driver by 

3 mutually authenticating the calling application and the device driver by integrity verification 

4 when a request is made by the application to the device driver. This would have been obvious 

5 because the ordinary person skilled in the art would have been motivated to protect the use of the 

6 application as well as the use of the dynamically loaded device driver. 

7 Regarding claims 8-9, the combination of Glover and McManis disclosed providing an 

8 application, which requests the device driver (See Glover Col. 1 1 Lines 6-11), utilizing the 

9 application to detect whether or not the program code portion of said device driver has been 

10 forged before supplying output data to said device driver, and when the program code portion of 

1 1 said device driver has been forged, the application stops outputting the output data to hardware, 

12 and utilizing the device driver to detect whether or not a program code portion of the application 

13 has been forged before supplying input data to the application, and when the program code 

14 portion of the application has been forged, said device driver stops outputting the input data to 

15 the application (See McManis. Fig 2 and related text). 

16 Regarding claims 10-1 1, the combination of Glover and McManis disclosed that said 

17 device driver does not decrypt encrypted data of the application, and wherein only when the 

18 program code portion of said device driver has not been forged, the application decrypts the 

19 encrypted data and provides the decrypted data as the output data to said device driver (See 

20 McManis Col. 5 Lines 50-67). 
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1 Claims 12-13 are rejected under 35 U.S.C. 103(a) as being unpatentable over Glover as 

2 applied to claims 1 and 2 above, and further in view of Cabrera et al. (US Patent Number 

3 5,978,8 1 5) hereinafter referred to as Cabrera. 

4 Glover disclosed a device driver being executed (See Glover Col. 9 Lines 33-35 and Col. 

5 10 Lines 43-47), but failed to disclose the device driver communicating between an application 

6 arranged at a user level and hardware arranged at a privilege level. 

7 Cabrera teaches that device drivers are used to communicate between hardware and 

8 software and that the software typically runs in a user mode and the driver operates at the 

9 privilege level (See Cabrera Col. 7 Paragraph 2). 

10 It would have been obvious to the ordinary person skilled in the art at the time of 

1 1 invention to employ the teachings of Cabrera in the system for securing device drivers of Glover 

12 by having the device driver communicate between a user mode application and hardware 

13 arranged at the privilege level. This would have been obvious because the ordinary person 

14 skilled in the art would have been motivated to allow the driver to perform many functions that 

1 5 would not be possible from user mode. 

16 Claim 14 is rejected under 35 U.S.C. 103(a) as being unpatentable over Glover and 

17 McManis as applied to claim 3 above, and further in view of Cabrera. 

18 Glover and McManis disclosed a device driver being executed (See Glover Col. 9 Lines 

19 33-35 and Col. 10 Lines 43-47), but failed to disclose the device driver communicating between 

20 an application arranged at a user level and hardware arranged at a privilege level. 
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1 Cabrera teaches that device drivers are used to communicate between hardware and 

2 software and that the software typically runs in a user mode and the driver operates at the 

3 privilege level (See Cabrera Col. 7 Paragraph 2). 

4 It would have been obvious to the ordinary person skilled in the art at the time of 



5 invention to employ the teachings of Cabrera in the system for securing device drivers of Glover 

6 and McManis by having the device driver communicate between a user mode application and 

7 hardware arranged at the privilege level. This would have been obvious because the ordinary 

8 person skilled in the art would have been motivated to allow the driver to perform many 

9 functions that would not be possible from user mode. 



1 0 Conclusion 

1 1 Claims 1-14 have been rejected. 

12 The prior art made of record and not relied upon is considered pertinent to applicant's 

13 disclosure. 

14 Applicant's amendment necessitated the new ground(s) of rejection presented in this 

15 Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 

16 Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

17 A shortened statutory period for reply to this final action is set to expire THREE 

18 MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 

19 MONTHS of the mailing date of this final action and the advisory action is not mailed until after 

20 the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 

21 will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

22 CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 



Application/Control Number: 10/076,404 Page 9 

Art Unit: 2131 

1 however, will the statutory period for reply expire later than SIX MONTHS from the date of this 

2 final action. 

3 Any inquiry concerning this communication or earlier communications from the 

4 examiner should be directed to Matthew T. Henning whose telephone number is (571) 272-3790. 

5 The examiner can normally be reached on M-F 8-4. 

6 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

7 supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 

8 organization where this application or proceeding is assigned is 571-273-8300. 

9 Information regarding the status of an application may be obtained from the Patent 

10 Application Information Retrieval (PAIR) system. Status information for published applications 

1 1 may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

12 applications is available through Private PAIR only. For more information about the PAIR 

13 system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

14 system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
15 

22 Matthew Henning 

23 Assistant Examiner 

24 Art Unit 2131 

25 12/12/2005 




